Support for client certs in ssl_server_socket.

net/cert/mock_client_cert_verifier.cc

Index: net/cert/mock_client_cert_verifier.cc
diff --git a/net/cert/mock_client_cert_verifier.cc b/net/cert/mock_client_cert_verifier.cc
new file mode 100644
index 0000000000000000000000000000000000000000..4c2e4fd41657913134e0ebf0e824a678d8f74744
--- /dev/null
+++ b/net/cert/mock_client_cert_verifier.cc
@@ -0,0 +1,43 @@
+// Copyright (c) 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "net/cert/mock_client_cert_verifier.h"
+
+#include "net/base/net_errors.h"
+#include "net/cert/x509_certificate.h"
+
+namespace net {
+
+struct MockClientCertVerifier::Rule {
+  Rule(X509Certificate* cert, int rv) : cert(cert), rv(rv) { DCHECK(cert); }
+
+  scoped_refptr<X509Certificate> cert;
+  int rv;
+};
+
+MockClientCertVerifier::MockClientCertVerifier()
+    : default_result_(ERR_CERT_INVALID) {}
+
+MockClientCertVerifier::~MockClientCertVerifier() {}
+
+int MockClientCertVerifier::Verify(X509Certificate* cert,
+                                   const BoundNetLog& net_log) {
+  RuleList::const_iterator it;
+  for (it = rules_.begin(); it != rules_.end(); ++it) {
+    // Check just the server cert. Intermediates will be ignored.
+    if (!it->cert->Equals(cert))
+      continue;
+    return it->rv;
+  }
+
+  // Fall through to the default.
+  return default_result_;
+}
+
+void MockClientCertVerifier::AddResultForCert(X509Certificate* cert, int rv) {
+  Rule rule(cert, rv);
+  rules_.push_back(rule);
+}
+
+}  // namespace net